package org.example;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.subject.Subject;
import org.example.config.AnnoJiXi;
import org.example.realm.UserRealm2;
import org.junit.Test;

import java.util.UUID;

/**
 * @author 李新雨的项目86176
 * @version 1.0
 * @date 2024-12-15 13:48
 */
public class ShiroMD5 {

    @Test
    public void testMD5(){
        Md5Hash hash = new Md5Hash("123456");
        System.out.println(hash);//e10adc3949ba59abbe56e057f20f883e
        //利用这个密文-----e10adc3949ba59abbe56e057f20f883e   撞库--------明文123456

        //加盐加密
        /**
         * 明文+盐-----密文
         * 明文+盐+加盐次数-----密文密码
         *
         *
         */
        Md5Hash hash1 = new Md5Hash("123456","122",3);
        Md5Hash hash4 = new Md5Hash("123456","122",2);
        Md5Hash hash2 = new Md5Hash("123456","999",1);
        Md5Hash hash21 = new Md5Hash("123456","999");
        Md5Hash hash3 = new Md5Hash("123456","8889");
        System.out.println(hash1);//efb36c4bd8617c74e80cb0f389b69567
        System.out.println(hash4);//3d497d8cdf81e70dd2a8cd1ac36f1d94
        System.out.println(hash2);  //fdb8622e3e683f171a78ac9a9b8bbe9d
        System.out.println(hash21); //fdb8622e3e683f171a78ac9a9b8bbe9d
        System.out.println(hash3);//da81e94e4d5e5e7dda24da972d84c65f



    }


    @Test
    public void testMD5_2(){
        UUID uuid= UUID.randomUUID();
       Md5Hash hash = new Md5Hash("666","1",3);
       Md5Hash hash1 = new Md5Hash("888","2",3);
       //1fca7051de685797cecb55cfd7b44396
        //ef367b05f0d9e4fc39c9e58cd45ba413
        System.out.println(hash);
        System.out.println(hash1);
    }

    @Test
    public void testMD5_3() throws ClassNotFoundException {

        DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
        UserRealm2 userRealm1=new UserRealm2();
        defaultSecurityManager.setRealm(userRealm1);


        /**
         * 用户明文密码+盐+加密次数 +Md5算法 ------> 密文密码
         *
         *   通过用户名获取用户信息
         *
         *   数据库中的密文密码-----密文密码   比对
         */
        //设置凭证匹配器，加密算法和加密次数
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher("md5");
        hashedCredentialsMatcher.setHashIterations(3);
        userRealm1.setCredentialsMatcher(hashedCredentialsMatcher);


        SecurityUtils.setSecurityManager(defaultSecurityManager);
        Subject subject = SecurityUtils.getSubject();
        //
        UsernamePasswordToken token = new UsernamePasswordToken("yl", "888");
        subject.login(token);
        String expression = AnnoJiXi.jiXi();
        System.out.println(expression+"----controller中定义的权限");
        boolean permitted = subject.isPermitted(expression);
        System.out.println(subject.getPrincipal()+"是否有customer:list的权限？"+permitted);
        //此时Realm中查询出来的权限,就可以与该权限对比，这个过程由框架做
        boolean hr = subject.hasRole("hr");
        boolean seller = subject.hasRole("seller");
        System.out.println(subject.getPrincipal()+"是否有hr的角色？"+hr);
        System.out.println(subject.getPrincipal()+"是否有seller的角色？"+seller);



    }
}
